ciscolive/automation/services/notify_dc_users.py

#!/usr/bin/env python3

from __future__ import print_function
import pickle
import os.path
import os
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
import smtplib
from email.message import EmailMessage
import sys
import re
import subprocess
import CLEUCreds
from cleu.config import Config as C

FROM = 'Joe Clarke <jclarke@cisco.com>'
CC = 'Kris Sekula <ksekula@cisco.com>, Anthony Jesani <anjesani@cisco.com>'

JUMP_HOSTS = [
    '10.100.252.26', '10.100.252.27', '10.100.252.28', '10.100.252.29'
]

DC_MAP = {
    'DC1': 'dc1_datastore_1',
    'DC2': 'dc2_datastore_1',
    'HyperFlex-DC1': 'DC1-HX-DS-01',
    'HyperFlex-DC2': 'DC2-HX-DS-01'
}

DEFAULT_CLUSTER = 'FlexPod'

HX_DCs = {
    'HyperFlex-DC1': 1,
    'HyperFlex-DC2': 1
}

IP4_SUBNET = '10.100.'
IP6_PREFIX = '2a05:f8c0:2:'

NETWORK_MAP = {
    'CROSS DC VMs': {
        'subnet': '{}252.0/24'.format(IP4_SUBNET),
        'gw': '{}252.254'.format(IP4_SUBNET),
        'prefix': '{}64fc::'.format(IP6_PREFIX),
        'gw6': '{}64fc::fe'.format(IP6_PREFIX)
    },
    'DC1 ONLY VMs': {
        'subnet': '{}253.0/24'.format(IP4_SUBNET),
        'gw': '{}253.254'.format(IP4_SUBNET),
        'prefix': '{}64fd::'.format(IP6_PREFIX),
        'gw6': '{}64fd::fe'.format(IP6_PREFIX)
    },
    'DC2 ONLY VMs': {
        'subnet': '{}254.0/24'.format(IP4_SUBNET),
        'gw': '{}254.254'.format(IP4_SUBNET),
        'prefix': '{}64fe::'.format(IP6_PREFIX),
        'gw6': '{}64fe::fe'.format(IP6_PREFIX)
    }
}

OSTYPE_LIST = [
    (r'(?i)ubuntu', 'ubuntu64Guest'),
    (r'(?i)windows 10', 'windows9_64Guest'),
    (r'(?i)windows 2012', 'windows8Server64Guest'),
    (r'(?i)windows 201(6|9)', 'windows9Server64Guest'),
    (r'(?i)debian 8', 'debian8_64Guest'),
    (r'(?i)debian', 'debian9_64Guest'),
    (r'(?i)centos 7', 'centos7_64Guest'),
    (r'(?i)centos', 'centos8_64Guest'),
    (r'(?i)red hat', 'rhel7_64Guest'),
    (r'(?i)linux', 'other3xLinux64Guest')
]

DNS1 = '10.100.253.6'
DNS2 = '10.100.254.6'
NTP1 = '10.128.0.1'
NTP2 = '10.128.0.2'
VCENTER = 'https://' + C.VCENTER
DOMAIN = C.DNS_DOMAIN
AD_DOMAIN = C.AD_DOMAIN
SMTP_SERVER = C.SMTP_SERVER
SYSLOG = SMTP_SERVER
ISO_DS = 'dc1_datastore_1'
ISO_DS_HX1 = 'DC1-HX-DS-01'
ISO_DS_HX2 = 'DC2-HX-DS-01'
VPN_SERVER = C.VPN_SERVER
VPN_SERVER_IP = C.VPN_SERVER_IP
ANSIBLE_PATH = '/home/jclarke/src/git/ciscolive/automation/cleu-ansible-n9k'
UPDATE_DNS_PATH = '/home/jclarke'
DATACENTER = 'CiscoLive'
CISCOLIVE_YEAR = C.CISCOLIVE_YEAR
PW_RESET_URL = C.PW_RESET_URL

SPREADSHEET_ID = '1ExTNQJ7SArHSJKfPOj_x1O2aTj76dHjlG8kCDHW39hw'
SHEET_HOSTNAME = 0
SHEET_OS = 1
SHEET_OVA = 2
SHEET_CONTACT = 4
SHEET_CPU = 5
SHEET_RAM = 6
SHEET_DISK = 7
SHEET_NICS = 8
SHEET_DC = 11
SHEET_IP = 12
SHEET_VLAN = 13


def main():
    if len(sys.argv) != 2:
        print('usage: {} ROW_RANGE'.format(sys.argv[0]))
        sys.exit(1)

    if not os.path.exists('gs_token.pickle'):
        print('ERROR: Google Sheets token does not exist!  Please re-auth the app first.')
        sys.exit(1)

    creds = None

    with open('gs_token.pickle', 'rb') as token:
        creds = pickle.load(token)

    if 'VMWARE_USER' not in os.environ or 'VMWARE_PASSWORD' not in os.environ:
        print('ERROR: VMWARE_USER and VMWARE_PASSWORD environment variables must be set prior to running!')
        sys.exit(1)

    gs_service = build('sheets', 'v4', credentials=creds)

    vm_sheet = gs_service.spreadsheets()
    vm_result = vm_sheet.values().get(spreadsheetId=SPREADSHEET_ID,
                                      range=sys.argv[1]).execute()
    vm_values = vm_result.get('values', [])

    if not vm_values:
        print('ERROR: Did not read anything from Google Sheets!')
        sys.exit(1)

    (rstart, rend) = sys.argv[1].split(':')

    i = int(rstart) - 1
    users = {}

    for row in vm_values:
        i += 1
        try:
            owners = row[SHEET_CONTACT].strip().split(',')
            name = row[SHEET_HOSTNAME].strip()
            opsys = row[SHEET_OS].strip()
            is_ova = row[SHEET_OVA].strip()
            cpu = int(row[SHEET_CPU].strip())
            mem = int(row[SHEET_RAM].strip())
            disk = int(row[SHEET_DISK].strip())
            dc = row[SHEET_DC].strip()
            vlan = row[SHEET_VLAN].strip()
            ip = row[SHEET_IP].strip()
        except Exception as e:
            print('WARNING: Failed to process malformed row {}: {}'.format(i, e))
            continue

        if name == '' or ip == '' or dc == '':
            print('WARNING: Ignorning malformed row {}'.format(i))
            continue

        for owner in owners:
            owner = owner.strip()
            if owner not in users:
                users[owner] = []

            vm = {
                'name': name.upper(),
                'os': opsys,
                'mem': mem,
                'is_ova': is_ova,
                'cpu': cpu,
                'disk': disk,
                'vlan': vlan,
                'ip': ip,
                'dc': dc
            }
            users[owner].append(vm)

    for user, vms in users.items():
        m = re.search(r'<?(\S+)@', user)
        username = m.group(1)

        body = 'Please find the CLEU Data Centre Access details below\r\n\r\n'
        body += 'Before you can access the Data Centre from remote, AnyConnect to {} and login with {} / {}\r\n'.format(
            VPN_SERVER, CLEUCreds.VPN_USER, CLEUCreds.VPN_PASS)
        body += 'Once connected, your browser should redirect you to the password change tool.  If not go to {} and login with {} and password {}\r\n'.format(
            PW_RESET_URL, username, CLEUCreds.DEFAULT_USER_PASSWORD)
        body += 'Reset your password.  You must use a complex password that contains lower and uppercase letters, numbers, or a special character.\r\n'
        body += 'After resetting your password, drop the VPN and reconnect to {} with {} and the new password you just set.\r\n\r\n'.format(
            VPN_SERVER, username)
        body += 'You can use any of the following Windows Jump Hosts to access the data centre using RDP:\r\n\r\n'

        for js in JUMP_HOSTS:
            body += '{}\r\n'.format(js)

        body += '\r\nIf a Jump Host is full, try the next one.\r\n\r\n'
        body += 'Your login is {} (or {}@{} on Windows).  Your password is the same you used for the VPN.\r\n\r\n'.format(
            username, username, AD_DOMAIN)
        body += 'The network details for your VM(s) are:\r\n\r\n'
        body += 'DNS1          : {}\r\n'.format(DNS1)
        body += 'DNS2          : {}\r\n'.format(DNS2)
        body += 'NTP1          : {}\r\n'.format(NTP1)
        body += 'NTP2          : {}\r\n'.format(NTP2)
        body += 'DNS DOMAIN    : {}\r\n'.format(DOMAIN)
        body += 'SMTP          : {}\r\n'.format(SMTP_SERVER)
        body += 'AD DOMAIN     : {}\r\n'.format(AD_DOMAIN)
        body += 'Syslog/NetFlow: {}\r\n\r\n'.format(SYSLOG)

        body += 'vCenter is {}.  You MUST use the web client.  Your AD credentials above will work there.  VMs that don\'t require an OVA have been pre-created, but require installation and configuration.  If you use an OVA, you will need to deploy it yourself.\r\n\r\n'.format(
            VCENTER)

        body += 'Your VM details are as follows.  DNS records have been pre-created for the VM name (i.e., hostname) below:\r\n\r\n'
        created = {}
        for vm in vms:
            iso_ds = ISO_DS
            cluster = DEFAULT_CLUSTER

            if vm['dc'] in HX_DCs:
                if vm['dc'].endswith('2'):
                    iso_ds = ISO_DS_HX2
                else:
                    iso_ds = ISO_DS_HX1

                cluster = vm['dc']

            is_ova = False

            if vm['is_ova'].lower() == 'true' or vm['is_ova'].lower() == 'yes':
                is_ova = True

            ostype = None

            for ostypes in OSTYPE_LIST:
                if re.search(ostypes[0], vm['os']):
                    ostype = ostypes[1]
                    break

            if not is_ova and ostype is None:
                print('WARNING: Did not find OS type for {}'.format(vm['os']))
                continue

            if not is_ova and vm['vlan'] != '' and vm['name'] not in created:
                print('===Adding VM for {}==='.format(vm['name']))
                mem = vm['mem'] * 1024
                scsi = 'lsilogic'

                if re.search(r'^win', ostype):
                    scsi = 'lsilogicsas'

                os.chdir(ANSIBLE_PATH)
                command = ['ansible-playbook', '-i', 'inventory/hosts', '-e', 'vmware_cluster=\'{}\''.format(cluster), '-e', 'vmware_datacenter=\'{}\''.format(DATACENTER), '-e', 'guest_id={}'.format(ostype), '-e', 'guest_name={}'.format(vm['name']), '-e', 'guest_size={}'.format(
                    vm['disk']), '-e', 'guest_mem={}'.format(mem), '-e', 'guest_cpu={}'.format(vm['cpu']), '-e', 'guest_datastore={}'.format(DC_MAP[vm['dc']]), '-e', 'guest_network=\'{}\''.format(vm['vlan']), '-e', 'guest_scsi={}'.format(scsi), '-e', 'ansible_python_interpreter={}'.format(sys.executable), 'add-vm-playbook.yml']

                p = subprocess.Popen(
                    command, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
                output = ''
                for c in iter(lambda: p.stdout.read(1), b''):
                    output += c.decode('utf-8')

                p.wait()
                rc = p.returncode

                if rc != 0:
                    print(
                        '\n\n***ERROR: Failed to add VM {}\n{}!'.format(vm['name'], output))
                    continue

                print('===DONE===')

            if vm['name'] not in created:
                print('===Adding DNS record for {} ==> {}==='.format(
                    vm['name'], vm['ip']))

                os.chdir(UPDATE_DNS_PATH)
                command = ['{}/update_dns.py'.format(UPDATE_DNS_PATH), '--ip',
                           vm['ip'], '--host', vm['name']]

                p = subprocess.Popen(
                    command, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
                output = ''
                for c in iter(lambda: p.stdout.read(1), b''):
                    output += c.decode('utf-8')
                p.wait()
                rc = p.returncode

                if rc != 0:
                    print('\n\n***ERROR: Failed to add DNS record!\n{}'.format(output))
                    continue

                print('===DONE===')

            octets = vm['ip'].split('.')

            body += '{}          : {} (v6: {}{}) (Network: {}, Subnet: {}, GW: {}, v6 Prefix: {}/64, v6 GW: {})  : Deploy to the {} datastore in the "{}" cluster.\r\n\r\nFor this VM upload ISOs to the {} datastore.  There is an "ISOs" folder there already.\r\n\r\n'.format(
                vm['name'], vm['ip'], NETWORK_MAP[vm['vlan']]['prefix'], format(int(octets[3]), 'x'), vm['vlan'], NETWORK_MAP[vm['vlan']]['subnet'], NETWORK_MAP[vm['vlan']]['gw'], NETWORK_MAP[vm['vlan']]['prefix'], NETWORK_MAP[vm['vlan']]['gw6'], DC_MAP[vm['dc']], cluster, iso_ds)
            created[vm['name']] = True

        body += 'Let us know via Webex Teams if you need any other details.\r\n\r\n'

        body += 'Joe, Kris and Anthony\r\n\r\n'

        subject = 'Cisco Live Europe {} Data Centre Access Info'.format(
            CISCOLIVE_YEAR)

        smtp = smtplib.SMTP(SMTP_SERVER)
        msg = EmailMessage()
        msg.set_content(body)

        msg['Subject'] = subject
        msg['From'] = FROM
        msg['To'] = user
        msg['Cc'] = CC + ',' + FROM

        smtp.send_message(msg)
        smtp.quit()


if __name__ == '__main__':
    main()